Tuesday, September 2, 2014 - 00:54

When celebrities strip without intention

According to various news sites and comments by suspected victims a good share of celebrities had their nude photos and other interesting art published without consent. Apparently hackers brute forced into iCloud accounts to obtain the data.
Friday, June 6, 2014 - 20:49

OpenSSL: Buggallore...again.

Now I could start this with attacking the notorious Seggelmann/Henson bug-team. And probably that would be justified to a certain extent. But I won't. Well. Not beyond the introduction that is.
Thursday, May 29, 2014 - 20:49

TrueCrypt and a big fat and ugly WHAT THE FUCK?

For some yet unknown reason TrueCrypt is pretty much gone. The website sports a warning and the repo has been closed and reduced to a rather shady version 7.2 that you should stay away from as far as possible.
Tuesday, April 22, 2014 - 16:19

Patching a backdoor to make it a more 'proper' backdoor.

Remember when in December 2013 Synacktiv's Eloi Vanderbeken found a pretty nasty backdoor in commercial routers that were widely deployed?
Friday, April 11, 2014 - 01:53

[Heartbleed]: Havoc caused by not checking your boundaries.

The OpenSSL heartbleed bugs demonstrates the problems with sloppy coding and sloppy review on a 1 to 10 fuck-me-seriously? scale with a solid 10. 2 years of potential to wreak havoc. Just because one sloppy coder who made a mistake you're simply not supposed to make and one reviewer who didn't see the obvious...including everyone else who looked at that code and didn't see it either.
Thursday, December 26, 2013 - 22:51

The industry's gloves are off with RSA

F-Secure's CRO Mikko Hypponen is the first to cancel his speech at RSA's 2014 conference in February where he was ironically supposed to talk about Governments as Malware Authors.
Saturday, October 5, 2013 - 00:22

Some new details on the Lavabit incident.

Lavabit was one of Snowden's email providers who closed business in the wake of the NSA scandal. Ladar Levison, the owner of Lavabit, went public early on with the reason why he closed the service. Until now however very little details were public.
Friday, October 4, 2013 - 23:47

Adobe managed to leak records of up to 3 million credit cards

Adobe announced yesterday that they leaked records of around 2,900,000 credit cards and other user data. On top of that they managed to leak a good share of source code for various products ... in the same incident.
Sunday, June 16, 2013 - 23:44

PRISM. National solutions will most certainly not solve the problem.

After the NSA's surveillance scandal hit the big stage various voices demand solutions away from the United States and with that away from Google, facebook, Microsoft and others. The idea is to move data out of range of the NSA. There's however a catch with that.

Thursday, January 17, 2013 - 00:49

Employed coder outsourced his work to China.

Verizon's security blog is usually not overly entertaining. Not unexpected. It's a security blog. But the case Verizon outlined yesterday is pretty much a hoot.